Virtual Private Cloud (VPC)
Within a cloud, a cloud service provider (CSP) establishes a virtualization layer that abstracts the underlying physical network of the datacenter hosting the cloud.
- allows the CSP to operate a public cloud where the networking performed by each tenant account is isolated from the others
- three contexts in tenant-configured cloud networking:
  - networks by which the tenant operates and manages the cloud systems
  - virtual networks established to connect VM and container instances within the cloud
  - virtual networks by which cloud services are published to guests or customers on the Internet
- to establish "local" networks within the cloud to deploy resources into, each tenant can create one or more virtual private clouds (VPCs)
  - by default, a VPC is isolated from:
    - other CSP accounts
    - other VPCs in the same account
    - consequently, instances in one VPC are isolated from instances in another
  - communications between VPCs do not exist by default and must be created by configuring routing
  - within each VPC, the tenant:
    - can assign an IPv4 CIDR block
    - configures one or more subnets within that block
    - can assign an IPv6 CIDR block
Info
- these notes focus on AWS networking
- other CSPs have similar functionality with different terminology
- e.g., Azure's equivalent of a VPC is called a virtual network
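The addressing and isolation rules above are easy to get wrong when a VPC plan is written by hand. The following Python script, an added example that is not part of the original notes, checks a VPC plan using Python's standard `ipaddress` module. It assumes AWS's documented constraints: an IPv4 VPC CIDR between /16 and /28, subnets inside the VPC CIDR and non-overlapping, VPC peering only between VPCs whose CIDRs do not overlap, and a fresh VPC route table that contains only the `local` route (so traffic to another VPC is dropped until a route is added). All VPCs, subnets and route tables in it are constructed for illustration, and `pcx-EXAMPLE` is a placeholder peering-connection id, not a real one.

```python
"""Check a tenant's VPC addressing plan and routing against AWS-style rules.

Added example, not part of the original notes. Assumptions (AWS behaviour as
documented): an IPv4 VPC CIDR must be between /16 and /28; subnets must sit
inside the VPC CIDR and must not overlap one another; two VPCs can only be
peered when their CIDRs do not overlap; a new VPC's route table carries only
the 'local' route, so traffic to another VPC is dropped until a route to it is
added. Every VPC, subnet and route below is constructed for illustration;
'pcx-EXAMPLE' is a placeholder peering-connection id.
"""
import ipaddress
from typing import Dict, List, Optional


def validate_vpc(vpc_cidr: str, subnet_cidrs: List[str]) -> List[str]:
    """Return the problems found in a VPC/subnet plan (empty list = valid)."""
    problems: List[str] = []
    try:
        vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    except ValueError as exc:
        return [f"VPC CIDR {vpc_cidr!r} is invalid: {exc}"]
    if vpc.version == 4 and not 16 <= vpc.prefixlen <= 28:
        problems.append(f"VPC {vpc} prefix must be between /16 and /28")

    subnets = []
    for cidr in subnet_cidrs:
        try:
            subnets.append(ipaddress.ip_network(cidr, strict=True))
        except ValueError as exc:  # e.g. host bits set: 10.0.1.5/24
            problems.append(f"subnet CIDR {cidr!r} is invalid: {exc}")

    for sn in subnets:
        if sn.version != vpc.version:
            problems.append(f"subnet {sn} is IPv{sn.version} but VPC is IPv{vpc.version}")
        elif not sn.subnet_of(vpc):
            problems.append(f"subnet {sn} lies outside VPC {vpc}")

    # Overlapping subnets would make routing inside the VPC ambiguous.
    for i, a in enumerate(subnets):
        for b in subnets[i + 1:]:
            if a.version == b.version and a.overlaps(b):
                problems.append(f"subnets {a} and {b} overlap")
    return problems


def can_peer(vpc_a_cidr: str, vpc_b_cidr: str) -> bool:
    """A peering connection is only possible when the two VPC CIDRs do not overlap."""
    a = ipaddress.ip_network(vpc_a_cidr)
    b = ipaddress.ip_network(vpc_b_cidr)
    return a.version == b.version and not a.overlaps(b)


def route_target(route_table: Dict[str, str], dst_ip: str) -> Optional[str]:
    """Longest-prefix match over {destination CIDR: target}; None = no route, dropped."""
    dst = ipaddress.ip_address(dst_ip)
    best_net, best_target = None, None
    for cidr, target in route_table.items():
        net = ipaddress.ip_network(cidr)
        if net.version == dst.version and dst in net:
            if best_net is None or net.prefixlen > best_net.prefixlen:
                best_net, best_target = net, target
    return best_target


# Constructed sample plan: two VPCs in one tenant account.
VPC_A = "10.0.0.0/16"
VPC_B = "10.1.0.0/16"
VPC_A_SUBNETS = ["10.0.1.0/24", "10.0.2.0/24"]

# A freshly created VPC only knows how to reach itself ("local").
DEFAULT_ROUTE_TABLE_A = {VPC_A: "local"}
# After a peering connection exists, the tenant must still add a route to VPC B.
PEERED_ROUTE_TABLE_A = {VPC_A: "local", VPC_B: "pcx-EXAMPLE"}  # placeholder id

if __name__ == "__main__":
    print("VPC A plan problems:", validate_vpc(VPC_A, VPC_A_SUBNETS))
    print("overlapping subnets:", validate_vpc(VPC_A, ["10.0.1.0/24", "10.0.1.128/25"]))
    print("can peer A<->B:", can_peer(VPC_A, VPC_B))
    print("A -> 10.1.2.3 before routing:", route_target(DEFAULT_ROUTE_TABLE_A, "10.1.2.3"))
    print("A -> 10.1.2.3 after routing:", route_target(PEERED_ROUTE_TABLE_A, "10.1.2.3"))
```

Run it as a script to see the checks on the constructed plan; `route_target` returning `None` for a destination in VPC B is the isolation the notes describe, and the peering route is what "configuring routing" has to add before instances in the two VPCs can communicate.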